I use the following to create a certificate for database encryption.
use master
--create certificate
CREATE CERTIFICATE Cert4TDE WITH SUBJECT = 'Certificate for TDE';
GO
--back up certificate
BACKUP CERTIFICATE Cert4TDE TO FILE = 'E:\asd\Cert4TDE.crt'
WITH PRIVATE KEY ( FILE = 'E:\asd\privateKeyOfCert4TDE.pvk' ,
ENCRYPTION BY PASSWORD = 'P@ssword2' );
GO
Use [Test5]
GO
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256 --Supported encryption algorithms are AES with 128-bit, 192‑bit, or 256‑bit keys or 3 Key Triple DES
ENCRYPTION BY SERVER CERTIFICATE Cert4TDE
GO
ALTER DATABASE [Test5]
SET ENCRYPTION ON;
GO
After backing up the T5 database and dropping the certificate from SQL, I tried to import the certificate from the file:
create certificate Cert4TDE
from file = 'E:\asd\Cert4TDE.crt'
with private key
(file = 'E:\asd\privateKeyOfCert4TDE.pvk',
encryption by password = 'P@ssword2',
decryption by password = 'P@ssword2')
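I expected that after importing the certificate I could restore the Test5 database, but it throws an error: the certificate has a private key that is protected by a user-defined password. What am I doing wrong?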
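An added example, not part of the original post: the same import written so the private key ends up protected by the database master key in master, which TDE needs in order to open the key automatically. When `ENCRYPTION BY PASSWORD` is given on import, the key is protected by that password instead; when it is omitted, the database master key is used. The master key password and the backup path below are placeholders, and the script assumes any earlier password-protected copy of Cert4TDE has been dropped.

```sql
USE master;
GO

-- Assumption: master may not have a database master key yet.
-- The password is a constructed placeholder; use your own.
IF NOT EXISTS (SELECT 1 FROM sys.symmetric_keys
               WHERE name = '##MS_DatabaseMasterKey##')
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder-master-key-password>';
GO

-- If the certificate was already imported with ENCRYPTION BY PASSWORD,
-- remove that copy first:
-- DROP CERTIFICATE Cert4TDE;

-- Import with DECRYPTION BY PASSWORD only. This is the password that was
-- given to BACKUP CERTIFICATE and is needed to read the .pvk file.
-- With no ENCRYPTION BY PASSWORD clause, the imported private key is
-- encrypted by the database master key.
CREATE CERTIFICATE Cert4TDE
FROM FILE = 'E:\asd\Cert4TDE.crt'
WITH PRIVATE KEY (
    FILE = 'E:\asd\privateKeyOfCert4TDE.pvk',
    DECRYPTION BY PASSWORD = 'P@ssword2'
);
GO

-- Check how the private key is protected before attempting the restore.
-- Expected for TDE: ENCRYPTED_BY_MASTER_KEY (not ENCRYPTED_BY_PASSWORD).
SELECT name, pvt_key_encryption_type_desc, thumbprint
FROM sys.certificates
WHERE name = 'Cert4TDE';
GO

-- Placeholder path: substitute the actual backup file of Test5.
RESTORE DATABASE [Test5]
FROM DISK = '<path-to-Test5-backup.bak>';
GO
```

Comparing the `thumbprint` value with the one recorded on the original server confirms that the imported certificate is the one the database encryption key was protected with.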